The os_keystone_endpoint module has two interface arguments -
'interface' for authentication, and 'endpoint_interface' for the
endpoint being registered. Currently the module documentation only
covers 'interface', when in fact it should cover 'endpoint_interface'
and pick up 'interface' from the standard OpenStack module parameter
documentation.
Fixes#62319
Change `enable` option to `enabled` in junos_interfaces
and junos_lldp_interfaces
data model to be in sync with other network platform
resource modules added in 2.9 version.
* Add ecs_domain module
* Fixes to integration tests and module
* Fixes to tests and module
* Corrections to revalidation behavior, cna only revalidate domains in expiring.
* Remove debugs for final test run, fix sanity check test fails.
* Add checks for domain status
* Add changelog fragment for new module.
* Removed extra space in backtick
* Minor fixes to make behavior more consistent and correct documentation.
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update lib/ansible/modules/crypto/entrust/ecs_domain.py
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Apply suggestions from code review
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Change casing of verification method enum, remove redundant changelog fragment
* Return ov_eligible and ev_eligible fields even if false, as long as they're returned by ECS API
The documentation links are now displayed when running from an install.
Previously the links were only displayed when running from source.
This was due to ansible-test checking for the presence of documentation files locally, which are only present when running from source.
The check is no longer necessary since there is a sanity test in place to enforce the presence of documentation for all sanity tests.
* Fix for junos cli_config replace option
* For device that support replace option by loading
configuration from a file on device `config` option
is not required and value of `replace` option is the
path of configuration file on device. This fix allows
invoking run() function in cli_config if `config` option
is None and `replace` option is not boolean
* The command to replace running config on junos device
is `load override <filename>` and not `load replace <filename>`
This is fixed in the junos cliconf plugin.
* Add integration test
* ansible-galaxy - add config to control the display wheel
* Fix changelog and make test more stable
* Don't use display thread at all if progress wheel isn't being shown
The default behavior of the ansible-test vcenter plugin is to use the govcsim container to run tests.
However, unless the govcsim mode was specified using the VMWARE_TEST_PLATFORM environment variable, the filter code would skip the tests unless the tests ran on Shippable or the user had an ansible-core-ci key.
Now the filter correctly recognizes that govcsim is the default.
* Fix location of unit test requirements.
* Preserve ansible-test unit test requirements.
* Remove redundant unit test requirements.
* Fix location of network test requirements.
* Preserve ansible-test network test requirements.
* Remove redundant network test requirements.
* Add missing ordereddict requirements.
* Load collection requirements correctly.
* Add changelog fragment.
* Adding support for Plugin runnable type
Adding support for device arrays in vdirect_runnable module.
Adding "output" dictionary to the vdirect_runnable module result dictionary.
* Adding support for Plugin runnable type
Adding support for device arrays in vdirect_runnable module.
Adding "output" dictionary to the vdirect_runnable module result dictionary.
* Avoid assertion rewriting in pytest plugins.
Adding PYTEST_DONT_REWRITE to the ansible-test pytest plugin docstrings disables assertion rewriting in pytest for those plugins.
This avoids warnings during test execution if the plugins are loaded multiple times (such as being imported within tests).
* Run ansible-test pytest plugins early.
The ansible-test pytest plugins need to load and run earlier than conftest modules.
To facilitate this, the pytest_configure function is run during loading, which works since they are loaded (but not always run) before conftest modules are loaded.
A check has also been added to the pytest_configure functions to prevent them from running multiple times in the same process.
* Load pytest plugins using an env var.
The -p command line option loads plugins before conftest, but only during collection.
The PYTEST_PLUGINS environment variable loads plugins before confest, both during collection and test execution.
Creating a virtual environment using `venv` when running in a virtual environment created by `virtualenv` results in a copy of the original virtual environment instead of creation of a new one.
To work around this, `ansible-test` now identifies when it is running in a `virtualenv` created virtual environment and uses the real Python interpreter to create the `venv` virtual environment.
* AWS ec2_vpc_net: Enable ipv6 CIDR assignment
Enable IPv6 CIDRs in ec2_vpc_net, and fix ec2_vpc_subnet tests that
were depending on the aws cli for CIDR assignment.
Related to: #27800
The `test/results/` directory for Ansible test output was already ignored when not using git.
When Ansible Collections were switched to `tests/output/` the ignore entry was previously overlooked.
* bump hcloud version to 1.4.1
`hcloud`<=1.4.0 has requirement `requests==2.20.0`. This prevents the
installation of the Vcenter Automation SDK which depends on `requests>=2.22.0`.
`hcloud` 1.4.1 does not have the problem: 8bff356efb
Bumping the dependency will resolve the issue.
* Fix ansible-doc traceback for removed modules.
This avoids tracebacks with errors like the following when a module has been removed:
module module_name missing documentation (or could not parse documentation): 'NoneType' object does not support item assignment
* Fix ansible-doc sanity test warning handling.
Warnings about removed modules/plugins on stderr are now properly ignored.
Previously an ansible-doc error could result in unrelated errors going undetected because tests were stopped early and the underlying error was ignored.
* Fix ansible-test venv activation.
When using the ansible-test --venv option, an execv wrapper for each python interpreter is now used instead of a symbolic link.
* Fix ansible-test execv wrapper generation.
Use the currently running Python interpreter for the shebang in the execv wrapper instead of the selected interpreter.
This allows the wrapper to work when the selected interpreter is a script instead of a binary.
* Fix ansible-test sanity requirements install.
When running sanity tests on multiple Python versions, install requirements for all versions used instead of only the default version.
* Fix ansible-test --venv when installed.
When running ansible-test from an install, the --venv delegation option needs to make sure the ansible-test code is available in the created virtual environment.
Exposing system site packages does not work because the virtual environment may be for a different Python version than the one on which ansible-test is installed.
* create-deprecated-issues script can now add to a specified project
* Migrate the create deprecated issues script into a subcommand of build-ansible
* Remove deprecated-issue script from ignore list
* aws_secret: (integration tests) Move tests to using module_defaults
* Update hacking aws security policy to enable management of secrets
* aws_secret: (integration tests) Fixup integration tests
- Update tests to use resource_prefix as a prefix rather than a suffix
- Pause after role creation to cope with AWS being slow (and returning before the role it ready)
* Allow the use of _paramiko_conn even if the connection hasn't been started.
I'm not sure what the benefit is of Noneing paramiko_conn on close, but will keep for now
* Fix test
* Try to fix up net_put & net_get
* Add changelog
* Fix ec2_vpc_vgw broken tests
Add waiter function to wait for API to report detached vgw is available.
Also catch extra error code in attach retry as EC2 sometimes reports that
the vgw is available several seconds before permitting the attachment.
Fixes: #53185
* Re-enable ec2_vgc_vgw test target
* add new module: aws_stepfunctions_state_machine
* add integration tests for new module: aws_stepfunctions_state_machine
* fix sanity checks
* use files/ folder instead for integration test
* rename role name in integration test
* attempt further permissions
* iam states prefix
* iam integration test prefix
* add iam policy for running step functions state machine actions
* slightly increase iam permission scope
* rename integration test folder to proper name
* move main() method to end of file
* move contents of integration-policy.json for state machines to compute-policy.json
* make check_mode return proper changed value + add check_mode integration tests
* rename module to aws_step_functions_state_machine
* fix missed rename in integration test variable
* add purge_tags option
* bump to version 2.10
Python < 2.7.9 does not have the ssl.SSLContext attribute.
ssl.SSLContext is only required when we want to validate the SSL
connection. If `validate_certs` is false, we don't initialize the
`ssl_context` variable.
Add unit-test coverage and a little refactoring:
- avoid the use of `mocker`, when we can push `monkeypatch` which is
`pytest`'s default.
- use `mock.Mocker()` when possible
closes: #57072
* module_utils/ec2: (unit tests) Move unit tests for module_utils/ec2.py into test/units/module_utils
- compare_policies was refactored from s3_bucket
- "ec2_utils" doesn't seem to have ever existed
* module_utils/ec2: (unit tests) Add unit test for comparing quoted and unquoted bools and numbers within policies
As per https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
"Values are enclosed in quotation marks. Quotation marks are optional for numeric
and Boolean values."
* module_utils/ec2: Explicitly convert bools and ints to strings when comparing policies
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
* Fixes to ecs_certificate cert chain for #61738
* Added changelog fragment
* Fixes to ecs_certificate for cleaner join, and better integration test
* Fix integration test formatting
* End cert chain with a \n
* Update changelogs/fragments/61738-ecs-certificate-invalid-chain.yaml
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Update main.yml
* Update AWS hacking policy to enable ASG Tagging management
* aws_asg: Add tests for ASG Tagging (including idempotency)
* aws_asg: ignore sort order when comparing tags on the ASG (fix idempotency)
* ec2_asg: (integration tests) test for idempotency when managing metrics collection
* ec2_asg: sort list of enabled metrics to ensure clean comparisons.
Add a list of previously used release names to make it easy to tell what
release names are no longer usable.
Add a test that new release names have been added to the used list.
Fixes#61616
* iam_group: (integration tests) migrate tests to module_defaults
* iam_group: (integration tests) migrate to using temporary user and group with {{ resource_prefix }}
* iam_group: (integration tests) fix test, checking the return values
* iam_group: (integration tests) Add some more tests around the behaviour of 'changed'
* iam_group: (docs) Update documentation of iam_group return value
* Update AWS testing policies to enable group/user management
* aws_vpc_subnet: (integration tests) migrate to module_defaults
* aws_vpc_subnet: (integration tests) remove hard coded assumption that AZ A exists.
While Amazon now tends to enable all AZs in a region, new customers in us-west-1 are only assigned 2 out of the 3 AZs, which might not include AZ a
* ec2_vpc_subnet: (integration tests) General cleanup
- use "is changed" rather than .changed
- clean up labelling of a couple of assertions (C&P fail)
* ec2_launch_template: (integration tests) make sure security_token is optional
* ec2_launch_template: (integration tests) add dependencies at the top level so they're pulled into the docker containers
* Update Hacking Compute Policies for Launch Templates
* Fix bad assumption about shippable resource_prefix for codebuild and codepipeline tests
* Update test/integration/targets/aws_codepipeline/defaults/main.yml
On OpenBSD, 13 asterisk characters as a password hash, marks the
account as disabled. Otherwise daily(8) script which executes
security(8) will email operator about not properly locked accounts.
Before the diff, we see following warning:
> [WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
After the diff, warning is gone.
- Add retries instead of a pause task
- Shorten the IAM role name length
- Put the IAM role name in defaults/main.yml instead
- Fix the aws_codepipeline tests too
* Migrate ec2_eip module to boto3
This patch is a step towards the integration of several PRs that have
attempted to migrate this code
closes#55190closes#45478
Follow-up PRs will address the outstanding changes made in #55190
* luks_device.py: Allow manipulate LUKS containers with label or UUID
- Allow create a LUKS2 container format with label support
- Allow manipulate (open, close, modify) an LUKS container based on
both label (LUKS2 format) or UUID instead of using devices only.
Fixes: #58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* test_luks_device.py: organizing tests to support labels
- Add label on some tests and fix errors reported by Shippable
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
* luks_device.py: adjusting versions and messages
- Modifying version_added from 2.9 to 2.10
- Fixing some messages
- Created a changelog fragment
- Moving blkid from scope
Fixes#58973
Signed-off-by: Alexandre Mulatinho <alex@mulatinho.net>
